With vast amounts of data being generated daily and the ever increasing interconnectivity of the world’s internet infrastructures, a machine learning based Intrusion Detection Systems (IDS) has become a vital component to protect our economic and national security. Previous shallow learning and deep learning strategies adopt the single learning model approach for intrusion detection. The single learning model approach may experience problems to understand increasingly complicated data distribution of intrusion patterns. Particularly, the single deep learning model may not be effective to capture unique patterns from intrusive attacks having a small number of samples. In order to further enhance the performance of machine learning based IDS, we propose the Big Data based Hierarchical Deep Learning System (BDHDLS). BDHDLS utilizes behavioral features and content features to understand both network traffic characteristics and information stored in the payload. Each deep learning model in the BDHDLS concentrates its efforts to learn the unique data distribution in one cluster. This strategy can increase the detection rate of intrusive attacks as compared to the previous single learning model approaches. Based on parallel training strategy and big data techniques, the model construction time of BDHDLS is reduced substantially when multiple machines are deployed.

Wireless sensors are deployed widely to monitor space, emergent events, and disasters. Collected real-time sensory data are precious for completing rescue missions quickly and efficiently. Detecting isolate safe areas is significant for various applications of event and disaster monitoring since valuable real-time information can be provided for the rescue crew to save persons who are trapped in isolate safe areas. We propose a centralized method to detect isolate safe areas via discovering holes in event areas. In order to shorten the detection delay, a distributed isolate safe area detection method is studied. The distributed method detects isolate safe areas during the process of event detection. Moreover, detecting isolate safe areas in a building is addressed particularly since the regular detecting method is not applicable. Our simulation results show that the distributed method can detect all isolate safe areas in an acceptable short delay.